Four UK universities get anti-malware grants

Fighting mobile malware

The Engineering and Physical Sciences Research Council (EPSRC) has given four universities grants to come up with new methods to tackle the rise in mobile malware.

Researchers have been given a share of $5 million by to counter cyber-criminals who are using malicious apps which can collude with each other to infect the smartphone in your pocket.

Two app research teams at Royal Holloway University of London, and City University London, Coventry and Swansea Universities as well as three teams carrying out research have been given grant money.

Holloway University

Dr Lorenzo Cavallaro, Lecturer in the Information Security Group at Royal Holloway University of London, said: "We're used to considering our phones as a trusted, private channel of communication, and suitable to receive authentication information to access specific online services. Unfortunately, this information can be leaked or abused by colluding malware if the mobile device is infected."

Dr Cavallaro's research team will study the behaviour of apps on Android operating systems and develop novel techniques to spot malicious apps, which of course, are designed to remain hidden. They will use this information to enrich or enhance devices to counteract attacks.

The EPSRC is particularly worried about apps working together. For example, it is possible for one app which is permitted to access personal data, which passes the data to a second app allowed to transmit data over the network.

City University

Professor Tom Chen who is leading research teams at City University London, Swansea and Coventry universities on app collusion detection said almost all academic and industry efforts are focusing on single malicious apps; almost no attention has been given to colluding apps. Existing antivirus products are not designed to detect collusion.

Both research teams are collaborating with Intel Security which is providing researchers access to a library of safe apps and will assist in analysing malware so the researchers can test their behaviours.